Debunqed

Tag: randsomware

  • Digital vulnerabilities

    Digital vulnerabilities

    Global security breaches are on the rise and no one or country is safe. The acceleration of certain technologies has been rapid since the pandemic engulfed the world last year. But unfortunately, we’ve also become slack in the process.

    Once again, it has become apparent just how ‘at-risk’ our data is.

    Data hacks have been frantic and are now getting major press attention. It’s hard to know who each unwanted visitor is in each case but fingers are being pointed in perhaps familiar directions.

    Russian invaders back at it again

    In fact, throughout June, Russians have been blamed for a slew of hacks around the world.

    Microsoft in late May said a wave of Russian cyber-attacks had targeted government agencies and human rights groups in 24 countries, mostly in the US.

    It claimed that around 3000 email accounts of more than 150 different organizations, some of them international, were attacked in just one week.

    Allegedly, the group responsible was the same one that carried out 2020’s SolarWinds attacks, which the Russian Foreign Intelligence Service (SVR) was accused of orchestrating.

    But the Kremlin denied having any knowledge or anything to do with any cyber-attacks. It challenged Microsoft to how these attacks were linked to the European attacks.

    Nevertheless, authorities are now aggressively investigating cybercrime. In the first week of June, the US Justice Department recovered around $2.3m in cryptocurrency ransom money.

    Webscanner

    This was part of the funds paid by the Colonial Pipeline Company to Russian hackers in the most disruptive cyberattack on record in the country.

    The US deputy attorney general Lisa Monaco said investigators had seized 63.7 Bitcoins which was paid by the company after its systems were hacked, leading to massive shortages of petrol along the US’s East Coast. The department said it founded and recaptured the majority of the ransom.

    The hackers are believed to be a group called DarkSide, whose menace caused a multi-day shutdown in certain petrol stations and a spike in gas prices.

    The attack made international news and prompted the US’s White House to encourage business executives to improve security measures to avoid future cyberattacks whatever their nature, ransomware or otherwise.

    The FBI said DarkSide had also disrupted operations at a meatpacking company. As no one tends to be spared in the spillover effects, it is always a good idea to protect your company’s digital assets as a preventative measure.

    Not so sophisticated

    The attackers rather proved to be quite ‘amatuerish’ because they sent the Bitcoins to an online platform to convert it to fiat money – and that is how they got nabbed. Server-hosted (Online) crypto exchanges are obliged to keep customer data for compliance and anti-money laundering practices. So while your Crypto digital wallet does not reveal your identity, pairing it with an exchange will link it to all the other particulars you needed to provide to use the exchange.

    As long as you need cash to pay for things you will always need to switch your crypto in some way or another – unless your recipient agreed to take payment in Crypto as well. Keeping your digital assets on a hard-wallet or on your hard-drive keeps them “off-the-grid”. But also means you can’t actually spend them.

    Although the initial cyberattack was a smart manuever, the attackers proved to be rookies at the robbing game in the end.

    On a positive note: the ability to retrieve Bitcoins actually reinforces the need for a Blockchain-based financial system. This made it easier for the authorities to track movements of the ‘ransom-paid’ Bitcoins.

    Cuban for a bruising

    But politicians aren’t the only people who are urging businesses, civil society organizations, and other groups to improve security systems and be cognisant of an often-dark future.

    US Dollar billionaire Mark Cuban has also called for stricter cryptocurrency regulations.

    The owner of the Dallas Mavericks who has been investing in trading Bitcoin and other cryptocurrencies such as Ethereum said the world was in dire need of regulation for the burgeoning decentralized finance (DeFi) space.

    READ MORE ABOUT DEFI HERE

    Cuban said in an interview with Bloomberg that there “should be regulation to define what a Stablecoin is” in order for DeFi to be reliable and to prevent total collapses in investments.

    This comes after he saw his investments in a particular Stablecoin ‘went to zero’. Cuban claimed he had been scammed.

    Stablecoins are a type of cryptocurrency that is pegged to an underlying asset, or currency – usually the US dollar. They are the earliest forms of DeFi and the largest Stablecoin, Tether, is currently worth more than $62bn.

    DeFi has helped the price of Ethereum, the blockchain on which most DeFi projects are built, to also soar. But they can be highly risky investments.

    Investors try to create arbitrage opportunities and liquidity between coins but such a scheme collapsed for Cuban.

    “There should be regulation to define what a stable coin is and what collateralization is acceptable,” he said.

    trade cryptos
    Buy, Stake, and Trade Cryptos

    Strong words of caution

    Cuban hasn’t revealed how much money he lost but told a fellow DeFi investor via Twitter that regulation must be implemented- and quickly.

    It had been suggested that Cuban was “rugged” which refers to when a project’s liquidity dries up and investors cannot withdraw their cash.

    Mark Cuban is alleged to have 60% of his crypto holdings in Bitcoin, 30% in Ethereum, and 10% held in other coins. He likes to experiment with new financial tech investments.

    He added further in a recent blog post that banks should be scared of unregulated DeFi technology.

    All crypto-based investments remain highly risky as the technology around them develops. But there certainly needs to be global laws to prevent people from losing hefty amounts of their wealth/investment. Cryptocurrency is without a doubt a very lucrative investment vehicle that could make you an overnight millionaire. But that also makes it a perfect vehicle for scammers to clone projects to make away with your hard-earned cash.

    You must, therefore, be extra vigilant and scrutinize offers for instant riches. But more so, you would be quite negligent these days to navigate the Internet without any form of cyber-protection.

  • Ethical hacking

    Ethical hacking

    Maybe you should encourage your kids to become hackers. When you open Twitter handles and Linkedin profiles, it’s not unlikely that you’ll find people listing hacking as a skill.

    Parents used to tell their kids to become doctors, lawyers, and accountants. Later, they advised them to learn about computers. These kids have now grown to become hardware specialists and then software specialists today.

    In the past 10 to twelve years, we have seen ourselves thrown into the fourth industrial revolution. In it, technology affects our lives through social media and augmented reality.

    We share a lot of our personal information with more people, companies, and institutions every day, willingly and are often blasé about it. This has tempted people to steal this information by hacking it. 

    Hacking background

    Since the advent of personal computers in the 1980s hackers have become prolific, initially in ‘first-world’ countries that had an advanced infrastructure. There were numerous cases in the US but as computer technology permeated the world, hackers followed suit. 

    A hacking group called MOD, Masters of Deception, in the 1980s allegedly stole passwords and technical data from Nynex, and other telephone companies as well as several big credit agencies and two major universities.

    The damage caused was extensive and one company, Southwestern Bell said it suffered losses of $370,000 alone. These days the damages, though not always publically announced, can run into a few millions of dollars.

    READ MORE about the Online Threats hackers use here

    All this has paved the way for a special information technology (IT) vocation. A security hacker is someone who explores methods for breaching defenses and exploiting weaknesses in a computer system and networks. They break into systems they aren’t authorized to, and tend to break seamlessly into email and banking systems.

    Advertisment

    Hacking as a career

    Ben Wilson works as an ethical hacker. He has more than ten years of experience and worked in London where he received on-the-job training. He now works remotely in South Africa servicing UK clients.

    “I test websites for clients and look for vulnerabilities in the systems. I have done a lot of work for banks lately but my work is across industries.” 

    “Energy companies are using my services more and more,” he says.

    Wilson says he worked in a permanent position for six years. Right now he contracts for five clients regularly.

    Ethical hackers are the knights who test how permeable these systems are.

     

    “The majority of my work is for British clients. The UK pound is strong and I like to earn pounds. I’d say the best computer security consultants in the world are in the UK. The US is strong too but the UK consultants are sophisticated and the best.”

    Vulnerabilities

    The most common way in which people hack information is through email contacts; especially personal Gmail accounts.

    People think that their information is safe because it sits with one of the largest companies in the world. But this is exactly why it isn’t safe.

    Gmail and other third-party free email accounts are regularly hacked. If you want to protect especially valuable information you should either upgrade it to the business/enterprise level, use a different email service, or perhaps the one connected to your employer. 

    Nowadays companies use services to protect themselves against hacks and unauthorized access. These monthly or annual service providers might employ ethical hackers to check the companies’ systems.

    Hacking, however, isn’t just something that happens to big companies or in blockbuster movies. Here are some reality checks:

    • All websites are under threat;
    • So are applications (Apps) on your phone;
    • People can also program artificial intelligence (AI) to hack into systems. This has become a big concern and theme for security experts.

    Ways to proactively prevent a hack 

    Fortunately, there are several ways of protecting yourself and your information from hacking; starting with your emails. Be wary of “phishing” emails asking you to update your information, especially for bogus databases that you have never heard of.

    Use a spam filter – Avoid opening attachments from senders you don’t know – Update your passwords regularly – It helps to have authentication methods, such as a smartphone-linked and email-linked authentication (2FA) or security keys like Yubico – Do not click on any ad – period! Back up your files regularly – it’s always a good idea – Don’t allow ransomware bullies to bully you.

    • If you get sent communication saying that people have your files and want money or they’ll release the files; ignore them.
    • They can’t threaten you forever and might eventually move onto another target especially if your information loses its value over time.

    Anti-hacking software

    As a business, use tools like those from cybersecurity experts Acunetix. More than 4 000 companies protect their web applications from vulnerabilities using its powerful web scanner.

    Its penetration testing software prevents potential attacks by identifying holes in your websites’ coding. This is where hackers usually plant their complex code which allows them to extract data such as contact details, credit card details, and in worse cases, company-sensitive data like patents and blueprints.

    Naturally, it also scans networks to find gateway loopholes that could lead to crashes and downtime-related losses. A bank’s website going down for a few hours can cost it several thousand or even millions in lost revenue.

    Despite having firewalls, VPNs, and other Internet security systems in place, your websites and apps being developed are still vulnerable to cyber-attacks or a hack.

    The most commonly known hack used is a DDoS attack. Basically, it works like a traffic jam clogging up a highway, preventing regular traffic from arriving at its desired destination. Incidentally, only a few days ago, Amazon was hit by a DDoS Attack.

    So, how would you know or find out if you are vulnerable?  By conducting regular scans on your websites and apps to see where vulnerabilities lie.

    Avoiding a hack requires common sense

    Be aware and don’t fall into scams. It’s unlikely you’ve won 120-million Euros in a lottery. You should know by now that you are not the descendant of a king!

    In addition, if someone says they have a sex tape with you in it and they want your salary, unless you know you made a sex tape, they’re probably lying.

    Unless of course, a scorned lover of yours tricked you – but you can’t blame technology or a hacker for that.

     

Translate »

This website uses cookies. By continuing to use this site, you accept our use of cookies.